Embed Size (px)
Citation preview
www.verygoodsecurity.com
Very Good Security (VGS) is a leading data security and enablement company. With VGS, startups and enterprise companies can operate on sensitive data without the cost and liability of securing the data themselves. VGS provides specialized infrastructure that intercepts data and replaces it with an aliased version that improves security while also accelerating business growth.
About VGS
VERY GOOD SECURITY
Case Study
introduction
Payments-Powered Loyalty, Made Possible by VGS
Fivestars Solution Powered by VGS
From Secure Transaction to Loyal Customer
Next-Generation Identity with VGS
Client: Founded in 2010, Fivestars has built the largest commerce network for local businesses, helping over 14,000 merchants offer payments and marketing programs to their consumers. Tallying 60+ million members across the US, 1 in 6 Americans use Fivestars to shop locally.
Goal: Turn transactions into relationships by linking consumer identities to payment cards in order to provide merchants a seamlessly integrated loyalty and payments solution that increases customer retention while also offering consumers a delightful, frictionless experience at the point of sale.
Problem Summary: Fivestars wanted to add payments to their marketing and loyalty platform to seamlessly link customer identities to payment methods. To do so successfully, Fivestars wanted a neutral technology partner to help them retain control over transaction data without having to deal with PCI-DSS compliance, and without being locked into any one payment processor.
Solution Summary: Partnering with VGS, Fivestars created a personalized customer checkout experience on par with global QSR brands, while quickly and efficiently helping thousands of small businesses onboard consumers onto their loyalty program.
Region: United States
Industries: QSR, Loyalty Programs, Marketing Automation, Payment Facilitation
Fivestars has built the largest commerce network for local businesses with over 14,000 merchants by offering an innovative way for local businesses to engage, activate, and retain their consumers. Tracking rewards previously required consumers to enter a phone number or email address for every point-of-sale transaction to get credit for a purchase. This inconvenienced consumers and resulted in lower consumer participation and longer checkout times for merchants.
To eliminate this friction, Fivestars enabled consumers to link their payment cards to Fivestars’ loyalty accounts, thereby turning simple transactions into deeper relationships and an easier way to earn rewards for repeat transactions. The resulting experience seamlessly combined payment with loyalty, delivering a polished consumer experience rivaling that of much larger brands like Starbucks and Dunkin Donuts.
In order to realize their vision of an integrated loyalty experience at checkout, Fivestars became a payment facilitator. This allowed them to offer cost-effective payment processing to local merchants, while also ensuring that Fivestars would have full access to transaction data for purposes of tracking loyalty and providing reporting to merchants. The key to Fivestars’ objective was retaining transaction data without being locked into a single payments vendor and without exposing themselves to PCI-DSS compliance scope. Building a solution from scratch was cost-prohibitive, and relying on payment processors for tokenization or data vaulting limited Fivestars’ transaction insights and the ability to deliver personalized experiences to merchants and consumers.
By choosing VGS as their technology partner and data tokenization and compliance platform, Fivestars was able to rapidly achieve PCI compliance and accelerate integrations with their chosen payment processors. Additionally, Fivestars uses VGS to maintain independent ownership of its transaction data without being locked into any one payment processor or proprietary token scheme. By Fivestars’ calculation, working with VGS saved them nearly $1M and at least six months of development time, allowing them to get to market faster and focus on building their loyalty platform instead of building more compliance overhead.
Fivestars’ platform enables local small businesses to create loyalty programs and marketing campaigns for customer activation, engagement, and retention on par with those of much larger brands like Starbucks or Dunkin’ Donuts. Fivestars began their journey into payments with the largest commerce network for local businesses and customer loyalty network in the US, with over 14,000 locations and 60 million members. Fivestars attributes their success with SMBs to engaging far more of a merchant’s customers than any other retention marketing platform available, thanks to Fivestars’ innovative and easy-to-use customer engagement platform.
Loyalty and rewards platforms at many large retailers and QSRs are not linked with payment transactions, so redeeming coupons or personalized offers often requires extra work for consumers, which decreases activation rates. Consumers typically have to enter personal information or scan a separate loyalty app at the point of sale in order to be rewarded for their purchase.
To accomplish their objectives quickly, Fivestars worked with key channel partners to distribute its new payments hardware with embedded loyalty features. Fivestars also became a payment facilitator to access transaction data for loyalty and consumer insights. Being able to stay out of the scope of PCI compliance while protecting sensitive consumer data became a critical requirement for Fivestars’ approach. Do-it-yourself options for PCI compliance were too costly and time-consuming. Fivestars estimates it would have had to spend roughly $1M on security infrastructure and PCI compliance alone, not including additional engineering headcount to build and maintain a card data environment, extra hardware and software costs, and a PCI compliance design consultation from a seasoned consultant. Moreover, the challenge and costs involved in hiring experienced engineers would have added more than six months to their development timeline. The ability to refocus their resources and time on other business priorities was a huge benefit.
The Fivestars-VGS partnership enabled the Fivestars team to launch its improved marketing loyalty program for small businesses at least 6 months faster than any other approach would have. VGS’ infrastructure powers Fivestars’ seamless experience for consumer loyalty across multiple businesses, channels and devices.
The new transaction data has also allowed Fivestars to provide their merchants with better analytics and consumer insights, which results in more effective engagement with consumers and a higher rate of repeat business. For example, following re-opening after the COVID-19 shutdown, merchants using Fivestars’ platform to deliver personalized offers to consumers have seen customers return at twice the rate of merchants not using the platform.
As VGS and Fivestars continue to deliver valuable data-driven insights, the ultimate benefit of turning transactions into relationships will accrue to those forward-thinking merchants that are able to use data as a strategic differentiator.
After thoroughly evaluating several options for payments tokenization and data security, Fivestars decided to partner with VGS to take control and ownership over its transaction data without exposing Fivestars to increased risk, compliance scope, or vendor lock-in.
The VGS Zero Data approach provides an end-to-end data security solution that ensures businesses don’t come into contact with the sensitive data they wish to collect or vault. And yet, companies retain full use and ownership of their sensitive data without the cost or liability of securing the data themselves. In addition to de-risking sensitive customer data and de-scoping Fivestars from PCI compliance, VGS provided the infrastructure to help Fivestars link a consumer identity to payment credentials, thus enabling Fivestars’ next-generation loyalty platform.
With their platform, Fivestars is able to quickly onboard small businesses while saving millions of dollars in PCI and security costs that can instead be invested to build unique features to benefit Fivestars’ merchants and consumers.
Today, when an enrolled consumer transacts with their preferred payment card at any Fivestars merchant across the country, VGS intercepts the transaction in real-time, linking the card number (PAN) to an omnichannel token that Fivestars matches to the consumer’s loyalty account. And because VGS’ data tokenization is independent from Fivestars’ payment processing relationships, Fivestars has full control over its own transaction data while preserving optionality and avoiding becoming locked into any single vendor.
Fivestars needed a partner who could solve PCI compliance with the same expertise as an in-house team, without locking them into a specific processor. Finding a partner in the compliance space would allow them to fast-track their compliance certification and get their product to market faster.
In order to eliminate this unnecessary friction and streamline their checkout experience, Fivestars wanted to find a way for customer loyalty to be rewarded without slowing down checkout lines or requiring consumers to jump through extra hoops as they made their purchases.
Fivestars realized they needed to build an integrated in-store experience for restaurants, hospitality, and retail locations that was both personalized for the consumer and efficient for the merchant. This meant designing a new digital checkout experience that linked transactions with consumer identities in order to provide better analytics to merchants and more compelling, personalized offers to merchants. Fivestars’ goal was to allow businesses to turn credit card transactions into customer relationships without the friction of inconveniencing consumers by asking them to type in a phone number or email address every time.
Executive Summary
“Not even Starbucks can offer such a seamless check-in experience. You have to open their app, pull up a QR code, and scan it in order to earn your points. Because of our partnership with VGS, we are at the leading edge of brick-and-mortar customer experience, and we empower local businesses to gain an edge and compete against major franchises.”
- Matt Doka, Co-founder and CTO
“We had experienced what it was like to be locked into other processors, and it was a huge pain to transition. We wanted to avoid that as much as possible and work with neutral technology providers.”
- Matt Doka, Co-founder and CTO
“VGS committed to not just providing a secure data store, but also providing PCI advisory and compliance support. That was big for us. None of the other providers could provide an integrated partnership.”
- Matt Doka, Co-founder and CTO
“VGS played a major role in PCI advisory and engineering architecture, not just providing security and tokenization technology. That was huge for us. Nobody else would provide an integrated partnership, and it saved us months, if not years of time while allowing us to leverage some of the best minds in the industry in architecting our solution.”
- Matt Doka, Co-founder and CTO
THE solution
THE Results
A Safe Flow of Data Protected by VGS
PCI Descoped Zone
Your Server
VGS VGSFrontend 3rd Party
ZERO DATA PCIDSS COMPLIANT
+
ZeroDATAThey can’t hack what isn’t there
verygoodsecurity.com
1 (844) 847-0232
Contact us to get started
“We really think of Fivestars as an identity platform. We build experiences like marketing automation and loyalty on top of that identity, and the rails for that identity are the VGS services for security and tokenization. It really is a big piece of how we are able to build a brick-and-mortar identity platform, the same way Google has built login across the web.”
- Matt Doka, Co-founder and CTO
